ClamAV < 0.94.2 cli_check_jpeg_exploit() Malformed JPEG File DoS
Medium Nessus Plugin ID 35009
SynopsisThe remote antivirus service is vulnerable to a denial of service attack.
DescriptionAccording to its version, the clamd antivirus daemon on the remote host is earlier than 0.94.2. There is a recursive stack overflow involving the JPEG parsing code in such versions. A remote attacker may be able to leverage this issue to cause the application to recursively scan a specially crafted JPEG, which will eventually cause it to crash.
SolutionUpgrade to ClamAV 0.94.2 or later.